Revoke Token

post

https://api.vcita.biz/platform/v1/tokens/revoke

Overview

Revoke a specific access token by providing the token value. The token must be accessible by the authenticated caller (e.g., a Directory token can only revoke tokens it issued).

Available for Staff, Application, and Directory tokens.

Authorization Rules

Staff tokens: Can revoke tokens associated with the authenticated user.
Directory tokens: Can revoke tokens they issued to users or apps within their directory.
Application tokens: Can revoke tokens they issued to users within their directory.

Error Handling

Returns 422 with "error": "Unauthorized" if the caller does not have permission to revoke the specified token.
Returns 422 with "error": "invalid token" if the provided token value does not exist.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Responses

Language

Credentials

Bearer

JWT

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

201Token revoked successfully. Returns the list of tokens that were revoked.

401Unauthorized - Invalid or missing authentication token in the request header.

422Unprocessable Entity - The request was valid but could not be processed. This occurs when the caller does not have permission to revoke the specified token, or when the provided token value does not exist.

500Internal Server Error - An unexpected error occurred while processing the request.